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DETAILED ACTION 

CLAIMS PRESENTED 

Claims 1-5 are presented. 

CLAIM REJECTIONS 

Claim Rejections - 35 USC § 102 

The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 
A person shall be entitled to a patent unless - 

(b) the invention was patented or described in a printed publication in this or a foreign country or in public 
use or on sale in this country, more than one year prior to the date of application for patent in the United 
States. 

Claim 1 is rejected under 35 U.S.C. 102(b) as being anticipated by Cisco 
(http://w/\w.cisco.com 
copyright 1998, Cisco Systems. 

Cisco teaches A method for preventing Transmission Control Protocol (TCP) 
synchronize (SYN) package flood attacks 

- see Section Description, i.e., preventing flood attacks 
, comprising the steps of: 

(1) a firewall having received a TCP SYN connection request package 
from a client, creating a TCP SYN response package for the client and returning 
to the client by the firewall as an agent of a server, informing the client not to 
send data packages by the TCP SYN response package; 

- see Figure 20, arrival of connection attempts, retransmissions to clients 
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(2) detecting whether having received a TCP SYN acknowledgement 
package from the client, if yes, creating a TCP SYN connection request package 
for the server and sending to the server by the firewall as an agent of the client, 

otherwise discarding the TCP SYN connection request package from the client; 
- see Figure 20, when finished with third client, send and transmit to server 
-- see Figure 20, retransmit to first two clients, time out, send resets 

(3) having received a TCP SYN response package from the server, 
creating a TCP SYN acknowledgement package for the server and returning to 
the server, 

at same time, creating a TCP SYN acknowledgement package for the client 
and sending to the client, and initiating data transmission by the TCP SYN 
acknowledgement package; 
-- see Figure 20, server responds, the connection is established, send final ACK 

(4) forwarding data packages coming from the client to the server by 

the firewall as an agent of the client, and forwarding data packages coming from 
the server to the client by the firewall as an agent of the server 
-- see Figure 19, TCP Intercept acts as firewall, forwarding all packets to and 
from client 171.69.232.23 and server 10.1.1.30.. 

Claim Rejections - 35 USC § 103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 
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(a) A patent may not be obtained though the invention is not identically disclosed 
or described as set forth in section 102 of this title, if the differences between the 
subject matter sought to be patented and the prior art are such that the subject 
matter as a whole would have been obvious at the time the invention was made 
to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was 
made. 

Claims 2-5 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Cisco (http://www.cisco.com/univercd/cc/td/doc/product/software/ios112/intercpt.htm ). 

Regarding claims 2-5, Cisco teaches as noted in the previous paragraphs. 

These passages of Cisco do not teach the various protocol handlings in the 
sense of the claims 2-5. ^ 

Nevertheless, it was well known in the art to have the various protocol handlings 
of claims 2-5 for the motivation of having an effective defense against denial of service. 

In particular, regarding claim 2, such use of zero window size is well known in the 
art for the motivation of minimizing the traffic between unauthorized client and the 
firewall. If the window size is anything other than zero, the flood would work and the 
service would be denied. 

Regarding claim 3, such address handling is well known in the art for the 
motivation of certifying the client. The addresses must be certified for the authorization 
of the client to occur. 

Regarding claim 4, such use of non-zero window is well known in the art for the 
motivation of permitting the traffic. After authorization, as in the situation of claim 4, the 
window must be non-zero for traffic to be permitted. 
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Regarding claim 5, such handling of source sequence number handling is well 
known in the art for the motivation of permitting the traffic. After authorization, as in the 
situation of claim 5, the sequence numbers must be coordinated in order for the traffic to 
be permitted. 

Hence, it would have been obvious to those of ordinary skill in the art at the time 
of the claimed invention to modify Cisco for the motivation noted in the previous 
paragraphs so as to teach the claimed invention. 

Conclusion 

The art made of record and not relied upon is considered pertinent to applicant's 
disclosure. The art disclosed general background. 

Points of Contact 

Any response to this action should be mailed to: 

Commissioner of Patents and Trademarks 
Washington, D.C. 20231 

or faxed to: 

(571) 273-8300, (for formal communications intended for entry) 
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Or: 



(571) 273-3836 (for informal or draft communications, please label "PROPOSED" or 
"DRAFT") 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to David Jung whose telephone number is (571) 272-3836 
or Kambiz Zand whose telephone number is (272) 272-381 1 . 



David Jung 



Patent Examiner 




3/4/07 



